﻿<?php !defined('ACCESSING') && die('Hacking attempt');?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>最新消息</title>
<link href="style/style.css" type="text/css" rel="stylesheet" />
<script src="../js/j.js" type="text/javascript"></script>
<script src="../js/ajaxAlert.js" type="text/javascript"></script>
<script src="../ckedit/ckeditor.js" type="text/javascript"></script>
<script language="javascript">
function checkAll(e, itemName)
{
  var aa = document.getElementsByName(itemName);
  for (var i=0; i<aa.length; i++)
   aa[i].checked = e.checked;
}
function checkItem(e, allName)
{
  var all = document.getElementsByName(allName)[0];
  if(!e.checked){
  	all.checked = false;
  }
  else
  {
    var aa = document.getElementsByName(e.name);
    for (var i=0; i<aa.length; i++)
     if(!aa[i].checked) return;
    all.checked = true;
  }
}

$(function(){
	$(".tab_tr").mousemove(function(){
		$(this).addClass("tab_tr_hover");
	});
	
	$(".tab_tr").mouseout(function(){
		$(this).removeClass("tab_tr_hover");
	});
	
	$("#B1").click(function(){
		if($("#ntitle").val() == ""){
			$("#titError").html("請填寫標題!!");
			$("#ntitle").focus();
			return false;
		}else{
			$("#titError").html("");
		}
		
		if($("#news_order").val() == "" || isNaN($("#news_order"))){
			$("#OrderError").html("請確認您已經填寫了正確的排序數字!!");
			$("#news_order").focus();
			return false;
		}else{
			$("#OrderError").html("");
		}

		if($("#news_values").val().length > 1000){
			$("#ContentErerror").html("消息詳述太長!!");
			$("#news_values").focus();
			return false;
		}else{
			$("#ContentErerror").html("");
		}
	});
})
</script>

</head>

<body topmargin="30">
<div align="center">
<?php
if($_GET['action'] == "add"){
	$ntitle = ChangeStr($_POST['ntitle']);
	$news_order = ChangeStr($_POST['news_order']);
	$news_values = ChangeStr($_POST['news_values']);
	
	if($ntitle == "" || $news_order == "" || $news_values == ""){
		alert("請確保您各項欄位都已填寫正確!!",1);
	}else{
		$rsadd = $db->query("INSERT INTO gsw_news(title,author,viewnum,ordernum,content,posttime) VALUES('".$ntitle."','".$_SESSION['AdminName']."',0,".$news_order.",'".$news_values."','".ndate(0)."')");
		if($rsadd){
			JumpUrl("news.php");
		}else{
			alert("新增消息失敗!!",2,"news.php");
		}
	}
}elseif($_GET['action'] == "edit" && !empty($_GET['nid'])){
	$nid = $_GET['nid'];
	$ntitle = ChangeStr($_POST['ntitle']);
	$news_order = ChangeStr($_POST['news_order']);
	$news_values = ChangeStr($_POST['news_values']);
	
	if($ntitle == "" || $news_order == "" || $news_values == ""){
		alert("請確保您各項欄位都已填寫正確!!",1);
	}else{
		$rsedit = $db->query("UPDATE gsw_news SET title = '".$ntitle."',ordernum = ".$news_order.",content = '".$news_values."' WHERE id = ".$nid."");
		if($rsedit){
			JumpUrl("news.php");
		}else{
			alert("修改消息失敗!!",2,"news.php");
		}
	}
}
if($_GET['form'] == "" && $_GET['action'] == ""){
?>
	<table width="100%" id="table1" cellpadding="5" style="border:1px solid #336699;" cellspacing="1">
		<tr>
			<td colspan="2" bgcolor="#E8F1FF">
			<p align="center" style="padding:5px">
			<font size="2">最新消息管理系統</font></p></td>
		</tr>      
		<form name="form2" method="post">
		<tr style="height:30px">
			<td width="17%" bgcolor="#E8F1FF" align="right">快速搜尋：</td>
			<td width="80%" class="tab_tds" style="text-align:left">
			<input name="namekey" type="text" id="namekey" size="20"> 
			<input type="submit" name="Submit3" value="查 詢">&nbsp;
			<a href="flashlist.asp">顯示全部消息</a></td>
		</tr>
		</form>
        <tr style="height:25px">
			<td width="17%" bgcolor="#E8F1FF" align="right">快速新增：</td>
			<td width="80%" class="tab_tds" style="text-align:left"><a href="#" onclick="showWin('url','news.php?form=add','',500,250);">新增消息</a></td>
		</tr>
	</table>
	
    <table border="1" width="100%" id="table2" cellspacing="1" cellpadding="3" style="border:1px solid #336699;">
    <form name="form" method="post" action="flashmanage.asp?act=del">
        <tr>
            <td width="8%" class="tab_header_tr">消息ID</td>
            <td width="40%" class="tab_header_tr">消息標題</td>
            <td width="14%" class="tab_header_tr">發布人</td>
            <td width="10%" class="tab_header_tr">消息排序</td>
            <td width="20%" class="tab_header_tr">發布時間</td>
            <td width="8%" class="tab_header_tr">選擇</td>
        </tr>
<?php
		$PageSize = 3;
		$PageNo = !empty($_GET['page']) ? $_GET['page'] : 1;
		$StartNo = !empty($_GET['page']) ? ($PageSize * ($PageNo - 1)) : 0;
		$sql = "SELECT * FROM gsw_news ORDER BY ID DESC LIMIT ".$StartNo.",".$PageSize."";
		$rs = $db->query($sql);
		$rsnum = $db->getcount("SELECT * FROM gsw_news");
		$MaxPage = $rsnum / $PageSize;
		if($rsnum == 0){
?>
			<tr class="tab_tr">
				<td class="tab_tds" height="30" colspan="5">好像還沒有消息!!</td>
			</tr>
<?php
		}else{
			while($row = $db->getarray($rs)){
				$nid = $row['id'];
				$title = $row['title'];
				$OrderNum = $row['ordernum'];
				$author = $row['author'];
				$posttime = $row['posttime'];
?>
            <tr class="tab_tr">
                <td class="tab_tds"><?=$nid?></td>
                <td class="tab_tds"><a href="news.php?form=edit&nid=<?=$nid?>"><?=$title?></a></td>
                <td class="tab_tds"><?=$author?></td>
                <td class="tab_tds"><?=$OrderNum?></td>
                <td class="tab_tds"><?=$posttime?></td>
                <td class="tab_tds">
                <input name="id" type="checkbox" id="id" value="<?=$nid?>" onClick="checkItem(this, 'mmAll')"></td>
            </tr>
<?php
			}
		}
?>
		<tr>
            <td colspan="8" class="tab_tds">
			<?=Page($PageSize,$rsnum,$PageNo,$MaxPage,"news.php");?>
			</td>
        </tr>
        <tr>
            <td colspan="8" class="tab_tds">
                <p style="margin-top: 10px; margin-bottom: 10px">	
                <input type="submit" name="Submit" value="刪除所選" onClick="return confirm('您確定真的要刪除嗎？')"> 
                <font size="2">全選</font><input type="checkbox" name="mmAll" onClick="checkAll(this, 'id')"></form>	
            </td>
        </tr>
    </table>
<?php
}elseif(!empty($_GET['form']) && $_GET['form'] == "add"){
?>
<form name="form2" action="?action=add" method="post">
	<table border="0" id="table1" cellpadding="5" style="border: 1px solid #336699; " cellspacing="1" width="80%">
		<tr>
			<td colspan="2" class="tab_add_header_tr">新增最新消息</td>
		</tr>
        <tr>
			<td bgcolor="#E8F1FF" align="right">
			<font size="2">消息標題：</font></td>
			<td class="tab_tds" style="text-align:left">
            <input name="ntitle" type="text" id="ntitle" class="inputtext" maxlength="150" /> <span id="titError" class="red"></span></td>
		</tr>
        <tr>
			<td bgcolor="#E8F1FF" align="right">
			<font size="2">消息排序：</font></td>
			<td bgcolor="#FFFFFF" align="left" class="tab_tds" style="text-align:left">
            <input name="news_order" type="text" id="news_order" class="inputtext" value="0" size="10" maxlength="10" /> 
            <span id="OrderError" class="red"></span>
            <span class="helptxt">消息將按此順序進行排列</span></td>
		</tr>
		<tr>
			<td bgcolor="#E8F1FF" align="right">
			<font size="2">訊息詳述：</font></td>
			<td bgcolor="#FFFFFF" align="left" class="tab_tds" style="text-align:left">
			<textarea rows="15" class="ckeditor" name="news_values" id="news_values" cols="60"></textarea> <span id="ContentErerror" class="red"></span></td>
		</tr>
		<tr>
			<td bgcolor="#E8F1FF" align="center" colspan="2">
			<input type="submit" value="新增訊息" name="B1" id="B1">&nbsp;&nbsp;&nbsp;
			<input type="button" value="返回" name="B2" onClick="location.href='news.php'"></td>
		</tr>
	</table>
</form>
<?php
}elseif(!empty($_GET['form']) && $_GET['form'] == "edit" && !empty($_GET['nid'])){
	$nid = ChangeStr($_GET['nid']);
	$rsedit = $db->query("SELECT * FROM gsw_news WHERE id = ".$nid."");
	if($rsedit){
		$row = $db->getarray($rsedit);
		$ntitle = $row['title'];
		$news_order = $row['ordernum'];
		$news_values = $row['content'];
	}else{
		alert("沒有找到此消息!!",1);
	}
?>
<form name="form2" action="?action=edit&nid=<?=$_GET['nid']?>" method="post">
	<table border="0" id="table1" cellpadding="5" style="border: 1px solid #336699; " cellspacing="1" width="80%">
		<tr>
			<td colspan="2" class="tab_add_header_tr">修改最新消息</td>
		</tr>
        <tr>
			<td bgcolor="#E8F1FF" align="right">
			<font size="2">消息標題：</font></td>
			<td class="tab_tds" style="text-align:left">
            <input name="ntitle" type="text" class="inputtext" id="ntitle" value="<?=$ntitle?>" maxlength="150" /> 
            <span id="titError" class="red"></span></td>
		</tr>
        <tr>
			<td bgcolor="#E8F1FF" align="right">
			<font size="2">消息排序：</font></td>
			<td bgcolor="#FFFFFF" align="left">
            <input name="news_order" type="text" id="news_order" class="inputtext" size="10" maxlength="10" value="<?=$news_order?>" /> 
            <span id="OrderError" class="red"></span>
            <span class="helptxt">消息將按此順序進行排列</span></td>
		</tr>
		<tr>
			<td bgcolor="#E8F1FF" align="right">
			<font size="2">訊息詳述：</font></td>
			<td bgcolor="#FFFFFF" align="left">
			<textarea rows="15" name="news_values" class="ckeditor" id="news_values" cols="60"><?=$news_values?></textarea> 
            <span id="ContentErerror" class="red"></span></td>
		</tr>
		<tr>
			<td bgcolor="#E8F1FF" align="center" colspan="2">
			<input type="submit" value="修改訊息" name="B1" id="B1">&nbsp;&nbsp;&nbsp;
			<input type="button" value="返回" name="B2" onClick="location.href='news.php'"></td>
		</tr>
	</table>
</form>
<?php
}
?>
</div>
</body>
</html>